Professional Documents
Culture Documents
Vendor: Cisco
Question 31 -- Question 60
A.
B.
C.
D.
Answer: D
Explanation:
Configuring Port Security
http://packetlife.net/blog/2010/may/3/port-security/
We can view the default port security configuration with show port-security:
http://www.ciscopress.com/articles/article.asp?p=1722561
Switchport Security Violations
The second piece of switchport port-security that must be understood is a security violation
including what it is what causes it and what the different violation modes that exist. A switchport
200-101 Exam Dumps
A.
B.
C.
D.
E.
Answer: C
Explanation:
Whenever a node needs to send data to another node on a network, it must first know where to
send it. If the node cannot directly connect to the destination node, it has to send it via other nodes
along a proper route to the destination node. A remote network is a network that can only be
200-101 Exam Dumps
A.
B.
C.
D.
E.
F.
Answer: ABC
Explanation:
Switchport Security Concepts and Configuration
http://www.ciscopress.com/articles/article.asp?p=1722561
Switchport Security Violations
The second piece of switchport port-security that must be understood is a security violation
including what it is what causes it and what the different violation modes that exist. A switchport
violation occurs in one of two situations:
When the maximum number of secure MAC addresses has been reached (by default, the maximum
number of secure MAC addresses per switchport is limited to 1)
An address learned or configured on one secure interface is seen on another secure interface in
the same VLAN
The action that the device takes when one of these violations occurs can be configured:
Protect--This mode permits traffic from known MAC addresses to continue to be forwarded while
dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When
configured with this mode, no notification action is taken when traffic is dropped.
200-101 Exam Dumps
Answer: A
Explanation:
Frame Relay for ICND Exam
http://www.ciscopress.com/articles/article.asp?p=100603&seqNum=3
To assign a data-link connection identifier (DLCI) to a specified Frame Relay subinterface on the
router or access server, or to assign a specific permanent virtual circuit (PVC) to a DLCI, or to apply
a virtual template configuration for a PPP session, use the frame-relay interface-dlci interface
configuration command
Example 4-23 Example of frame-relay interface-dlci Command and the Output of show frame-relay
map
R4(config)#interface s1/2.403 point-to-point
R4(config-subif)#frame-relay interface-dlci ?
<16-1007> Define a switched or locally terminated DLCI
R4(config-subif)#frame-relay interface-dlci 403 ?
cisco Use CISCO Encapsulation
ietf Use RFC1490/RFC2427 Encapsulation
ppp Use RFC1973 Encapsulation to support PPP over FR protocol Optional protocol information
for remote end
<cr>
R4#show frame-relay map
Serial1/2.403 (up): point-to-point dlci, dlci 403(0xC9,0x3090), broadcast status defined, active R4#
QUESTION 35
What can be done to secure the virtual terminal interfaces on a router? (Choose two.)
A.
B.
C.
D.
E.
Answer: DE
Explanation:
200-101 Exam Dumps
A.
B.
C.
D.
Answer: C
Explanation:
From the routing table we learn that network 192.168.10.0/30 is learned via 2 equal- cost paths
(192.168.10.9 &192.168.10.5) - traffic to this network will be load-balancing.
QUESTION 37
Refer to the exhibit.
What information about the interfaces on the Main_Campus router is true?
A.
B.
C.
D.
E.
Answer: B
Explanation:
Interface fa0/0 breaks into sub interface and Main_Campus router is connected with switch via
fa0/0 .Subinterfaces configured with different subnet mask so its seem switch has multiple vlans
and allow communication between vlan , router and inter-vlan we need to make a trunk port.So B
will be the correct answer.
QUESTION 38
Refer to the exhibit.
C-router is to be used as a "router-on-a-stick" to route between the VLANs.
All the interfaces have been properly configured and IP routing is operational.
The hosts in the VLANs have been configured with the appropriate default gateway.
What is true about this configuration?
A. Any packet destined for a network that is not directly connected to router R1 will be dropped.
B. Any packet destined for a network that is not directly connected to router R2 will be dropped immediately.
C. Any packet destined for a network that is not directly connected to router R2 will be dropped immediately
because of the lack of a gateway on R1.
D. The networks directly connected to router R2 will not be able to communicate with the 172.16.100.0,
172.16.100.128, and 172.16.100.64 subnetworks.
E. Any packet destined for a network that is not referenced in the routing table of router R2 will be directed
to R1. R1 will then send that packet back to R2 and a routing loop will occur.
Answer: E
Explanation:
200-101 Exam Dumps
A.
B.
C.
D.
Answer: A
Explanation:
"ip route 0.0.0.0 0.0.0.0 serial0/0" is causing a loop. configuration is going to cause a loop and the
link between R1 and R2 will be congested, OSPF will not perform relationship between them. From
its name, OSPF is a Link-State routing protocol, and the link state between R1 and R2 is simply
down or something like that.
QUESTION 41
Refer to the exhibit. RTA is configured with a basic configuration. The link between the two routers
is operational and no routing protocols are configured on either router. The line shown in the exhibit
is then added to router RTA . Should interface Fa0/0 on router RTB shut down, what effect will the
shutdown have on router RTA?
A.
B.
C.
D.
Answer: A
Explanation:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml
QUESTION 42
Refer to the exhibit.
The show interfaces serial 0/1 command was issued on the R10-1 router.
Based on the output displayed which statement is correct?
A. The cable connected to the serial 0/1 interface of the R10-1 router is a DTE cable.
B. The R10-1 router can ping the router interface connected to the serial 0/1 interface.
200-101 Exam Dumps
Answer: BDE
Explanation:
By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also
some well-known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring)
configured by default -> A is not correct.
To communicate between two different VLANs we need to use a Layer 3 device like router or
Layer 3 switch -> B is correct.
VLANs dont affect the number of collision domains, they are the same -> C is not correct.
Typically, VLANs increase the number of broadcast domains.We must use a different network (or
sub-network) for each VLAN. For example we can use 192.168.1.0/24 for VLAN 1, 192.168.2.0/24
for VLAN 2 -> D is correct.
A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on
the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its
bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this
frame on trunk ports) -> E is correct.
We can use multiple switches to expand VLAN -> F is not correct.
QUESTION 44
The output of the show frame-relay pvc command shows "PVC STATUS = INACTIVE". What does
this mean?
A. The PVC is configured correctly and is operating normally, but no data packets have been detected
for more than five minutes.
B. The PVC is configured correctly, is operating normally, and is no longer actively seeking the address
of the remote router.
C. The PVC is configured correctly, is operating normally, and is waiting for interesting traffic to trigger
a call to the remote router.
D. The PVC is configured correctly on the local switch, but there is a problem on the remote end of the PVC
E. The PVC is not configured on the local switch.
Answer: D
Explanation:
200-101 Exam Dumps
A.
B.
C.
D.
E.
F.
Answer: EF
Explanation:
http://www.cisco.com/en/US/docs/routers/access/800/819/software/configuration/Guide/6ser_conf
.html
QUESTION 46
Refer to the exhibit.
The output that is shown is generated at a switch.
Which three statements are true? (Choose three.)
A.
B.
C.
D.
E.
F.
Answer: ACE
Explanation:
From the output, we see that all ports are in Designated role (forwarding state) -> A and E are
correct.
The command "show spanning-tree vlan 30 only shows us information about VLAN 30.
We don't know how many VLAN exists in this switch -> B is not correct.
The bridge priority of this switch is 24606 which is lower than the default value bridge priority 32768
-> C is correct.
All three interfaces on this switch have the connection type "p2p", which means Point-to-point
environment - not a shared media >; D is not correct.
The only thing we can specify is this switch is the root bridge for VLAN 3o but we can not guarantee
it is also the root bridge for other VLANs -> F is not correct.
QUESTION 47
Refer to the exhibit.
When running EIGRP, what is required for RouterA to exchange routing updates with RouterC?
A.
B.
C.
D.
Answer: A
Explanation:
Here we required same autonomous system between router A,B,C.Routing updated always
exchange between in same EIGRP EIGRP autonomous system.you can configure more than one
EIGRP autonomous system on the same router. This is typically done at a redistribution point where
two EIGRP autonomous systems are interconnected. Individual router interfaces should only be
included within a single EIGRP autonomous system. Cisco does not recommend running multiple
EIGRP autonomous systems on the same set of interfaces on the router. If multiple EIGRP
autonomous systems are used with multiple points of mutual redistribution, it can cause
discrepancies in the EIGRP topology table if correct filtering is not performed at the redistribution
points. If possible, Cisco recommends you configure only one EIGRP autonomous system in any
single autonomous system.
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f07.shtml
QUESTION 48
Which term describes a spanning-tree network that has all switch ports in either the blocking or
fowarding state?
A.
B.
C.
D.
converged
redundant
provisioned
spanned
Answer: A
Explanation:
Spanning Tree Protocol convergence (Layer 2 convergence) happens when bridges and switches
have transitioned to either the forwarding or blocking state. When layer 2 is converged, root bridge
is elected and all port roles (Root, Designated and Non-Designated) in all switches are selected.
QUESTION 49
Refer to the exhibit.
A technician has configured the FastEthernet 0/1 interface on Sw11 as an access link in VLAN 1.
Based on the output from the show vlan brief command issued on Sw12, what will be the result of
200-101 Exam Dumps
A. Only the hosts in VLAN 1 on the two switches will be able to communicate with each other.
B. The hosts in all VLANs on the two switches will be able to communicate with each other.
C. Only the hosts in VLAN 10 and VLAN 15 on the two switches will be able to communicate
with each other.
D. Hosts will not be able to communicate between the two switches.
Answer: D
Explanation:
VLANs are local to each switch's database, and VLAN information is not passed between switches.
Trunks carry traffic from all VLANs to and from the switch by default but can be configured to carry
only specified VLAN traffic. Trunk links are required to pass VLAN information between switches.
So sw 11 port should be trunk not access port. Additionally, there are no ports assigned to VLAN
1.
QUESTION 50
Refer to the exhibit.
What commands must be configured on the 2950 switch and the router to allow communication
between host 1 and host 2? (Choose two.)
Answer: C
Explanation:
This command is used to verify whether the frame-relay inverse-arp command resolved a remote
IP address to a local DLCI. Use the show frame-relay map command to display the current map
entries and information about the connections.
QUESTION 52
Refer to the exhibit.
How will the router handle a packet destined for 192.0.2.156?
A.
B.
C.
D.
Answer: C
Explanation:
Router has pointed default router to 192.168.4.1 and this subnet is connected via serial 2 interface.
Router does not have router for the 192.0.2.156. so it will use the default gateway 192.168.4.1. A
default route identifies the gateway IP address to which the router sends all IP packets for which it
does not have a learned or static route.
QUESTION 53
200-101 Exam Dumps
A.
B.
C.
D.
E.
F.
Answer: DF
Explanation:
http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a00800
949fd.shtml
QUESTION 54
What is the advantage of using a multipoint interface instead of point-to-point subinterfaces when
configuring a Frame Relay hub in a hub-and-spoke topology?
A.
B.
C.
D.
Answer: B
Explanation:
you do not have to assign a separate subnet per sub-interface .if you're using a Class A network
(10.x.x.x/8), you blow the whole network on a few connections (if you used VLSM, you could use a
better mask, limit the addresses used). if you used 10.0.0.0/8, you would not be assigning the entire
/8 to a single network. You would select a subnet mask for the network and then, you would have
to use that mask with all subnets of the network. So if you chose a /24 mask, that would mean that
you would have to use a /24 mask for even point-to-point links.
QUESTION 55
200-101 Exam Dumps
Answer: BD
Explanation:
Frame Relay Commands (map-class frame-relay through threshold ecn)
http://www.cisco.com/en/US/docs/ios/12_2/wan/command/wrffr4.html#wp102934
Examples
The following is sample output from the show frame-relay map command:
Router#show frame-relay map Serial 1 (administratively down): ip 10.108.177.177 dlci 177
(0xB1,0x2C10), static, broadcast,
CISCO
TCP/IP Header Compression (inherited), passive (inherited)
QUESTION 56
Which protocol is an open standard protocol framework that is commonly used in VPNs, to provide
secure end-to-end communications?
A.
B.
C.
D.
RSA
L2TP
IPsec
PPTP
Answer: C
Explanation:
Internet Protocol Security (IPsec) is a technology protocol suite for securing Internet Protocol (IP)
communications by authenticating and/or encrypting each IP packet of a communication session.
IPsec also includes protocols for establishing mutual authentication between agents at the
beginning of the session and negotiation of cryptographic keys to be used during the session.
QUESTION 57
At which layer of the OSI model does PPP perform?
A.
B.
C.
D.
Layer 2
Layer 3
Layer 4
Layer 5
Answer: A
Explanation:
Point-to-Point Protocol (PPP) is a data link protocol commonly used in establishing a direct
connection between two networking nodes. It can provide connection authentication, transmission
encryption (using ECP, RFC 1968), and compression.
QUESTION 58
The command show frame-relay map gives the following output:
Serial 0 (up): ip 192.168.151.4 dlci 122, dynamic, broadcast, status
defined, active
200-101 Exam Dumps
Answer: ADE
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/wan/command/reference/wrffr4.html#wp1029343
QUESTION 59
What can be done to Frame Relay to resolve split-horizon issues?(Choose two.)
A.
B.
C.
D.
E.
Answer: BD
Explanation:
IP split horizon checking is disabled by default for Frame Relay encapsulation to allow routing
updates to go in and out of the same interface. An exception is the Enhanced Interior Gateway
Routing Protocol (EIGRP) for which split horizon must be explicitly disabled. Certain protocols such
as AppleTalk, transparent bridging, and Internetwork Packet Exchange (IPX) cannot be supported
on partially meshed networks because they require split horizon to be enabled (a packet received
on an interface cannot be transmitted over the same interface, even if the packet is received and
transmitted on different virtual circuits). Configuring Frame Relay subinterfaces ensures that a
single physical interface is treated as multiple virtual interfaces. This capability allows you to
overcome split horizon rules so packets received on one virtual interface can be forwarded to
another virtual interface, even if they are configured on the same physical interface.
200-101 Exam Dumps
reduced cost
better throughput
broadband incompatibility
increased security
scalability
reduced latency
Answer: ADE
Explanation:
http://www.cisco.com/en/US/products/ps5743/Products_Sub_Category_Home.html#~Benefits
Enhance Productivity and Cut Costs
Cisco VPN solutions provide exceptional security through encryption and authentication
technologies that protect data in transit from unauthorized access and attacks. A Cisco VPN helps
you:
Use highly secure communications, with access rights tailored to individual users Quickly add new
sites or users, without significantly expanding your existing infrastructure Improve productivity by
extending corporate networks, applications, and collaboration tools Reduce communications costs
while increasing flexibility